In the past we have modified the standard WordPress snippet in the htaccess file to add this redirect code. It is best to add this as a separate section in the htaccess file to prevent it being overidden by security plugin or a WordPress update.

WordFence is a security plugin that we install to all our sites before launch. It is a very powerful tool with many capabilities so this post should help optimize the plugin to fully utilize the features.

Once WordFence is installed, you have to go to Options link under the WordFence button in the Dashboard menu. WordFence will ask you to enter your email and then you can proceed with the configuration.

Basic Options:

You should uncheck the Enable Live Traffic View because it will tremendously slow down your site load-up speed.

For the to “How does Wordfence get IPs:” you want to select the “Use PHP’s built in REMOTE_ADDR…” option from the drop-down.

Advanced Options:

Alerts:

Uncheck the “Alert when someone is locked out from login” and “Alert me when someone with administrator access signs in” options.

Scans:

Make sure all options are selected

Firewall:

The following image will show you how I configured the firewall options. You can choose to change the options to better suit your needs and you can also choose to block the users or crawlers that break rules rather than throttling them.

Login Security Options:

Change the drop-down values for the “Lock out after how many login failures” and “Lock out after how many forgot password attempts” options to 5.

Change the “Amount of time a user is locked out” to 30 minutes.

Other Options:

You want to enter your site’s IP Address into the “Whitelisted IP addresses that bypass all rules:” field.

Some older computers will not be able to interpret this symbol and show a question mark it its place. To prevent this from happening we found this code on Stack Exchange.

// Custom configuration for TinyMCE
function wpsx_54398_configure_tiny_mce( $initArray ) {
// Add some common entities to the default array (copy, reg, trade, service mark, euro)
// The odd entires are the entity *number*, the even entries are the entity *name*. If the entity has no name,
// use the number, prefixed with a hash (for example, the service mark is "8480,#8480").
$initArray['entities'] = $initArray['entities'] . ',169,copy,174,reg,8482,trade,8480,#8480,8364,euro';
return $initArray;
}
add_filter('tiny_mce_before_init', 'wpsx_54398_configure_tiny_mce');

By default the WordPress visual editor will ad ‘p’ tags to all of your text and images. When you are floating an image the p tag around it can create more margin than you want, and it often ads an extra ‘br’ tag to the code which can cause spacing problems.

Add the following code to the functions.php file to prevent the IMG tags from being wrapped in a p tag.